- Microsoft released its regular Patch Tuesday fixes for 121 vulnerabilities in its software products, including exploited zero-day vulnerabilities.
- Topping the list of patched vulnerabilities is a case of remote code execution affecting the Microsoft Windows Support Diagnostic Tool (MSDT).
- Many vulnerabilities in local components of Microsoft Azure were also fixed on Patch Tuesday, including vulnerabilities in Azure Site Recovery software, the Azure Real-Time Operating Systems, Azure Sphere, and the Azure Batch Node Agent.
Microsoft patched 121 vulnerabilities across a variety of its products and devices as part of its Patch Tuesday. The update included a fix for a flaw that attackers have exploited in the wild to run malicious code when users click on a link, either in an email or on a website hosted by the attackers.
Luring users to click on malicious links
One of the most dangerous vulnerabilities that were patched is CVE-2022-34713 (CVSS score: 7.8). It is a case of remote code execution affecting the Microsoft Windows Support Diagnostic Tool (MSDT). An attacker could convince users to click a link in an email or instant message, and then convince them to open the specially crafted file to exploit this vulnerability. This flaw is a variant of the vulnerability publicly called Dogwalk.
CVE-2022-35743 (CVSS score: 7.8) is the other remote code execution flaw in MSDT. The flaw was discovered by security researchers Bill Demirkapi and Matt Graeber.
While the MSDT vulnerabilities are the most critical to fix, many vulnerabilities in local components of Microsoft Azure were also fixed on Patch Tuesday. Azure patches included vulnerabilities in Azure Site Recovery software, the Azure Real-Time Operating Systems, Azure Sphere, and the Azure Batch Node Agent.
Another patch addresses a vulnerability tracked as CVE-2022-30134, “Microsoft Exchange Information Disclosure Vulnerability”, which could allow an attacker to read targeted email messages. Other highlighted patches include one for a Microsoft Exchange Server elevation of privilege vulnerability, tracked as CVE-2022-21980. CVE-2022-24477, on the other hand, enables attackers to take over the mailboxes of all Exchange users, allowing them to send emails, read emails, and download attachments; CVE-2022-24516 leads to the same impact.